package com.tms.gateway.service;

import cn.dev33.satoken.stp.StpUtil;
import com.tms.common.Result;
import com.tms.gateway.utils.RedisUtil;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.cloud.client.loadbalancer.LoadBalanced;
import org.springframework.http.HttpEntity;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpMethod;
import org.springframework.http.ResponseEntity;
import org.springframework.stereotype.Service;
import org.springframework.web.client.RestTemplate;

@Service
public class PermissionService {

    @Autowired
    RedisUtil redisUtil;

    /**
     * 验证接口权限
     * @param requestPath 请求路径
     * @param requestMethod 请求方法
     * @param userId 用户ID
     * @return 是否有权限
     */
    public boolean checkPermission(String requestPath, String requestMethod, String userId) {
        //在redis中查找
        Boolean hasKey = redisUtil.hasKey("permission:apiList:" + requestPath + ":" + requestMethod);
        if (hasKey){
            String code = redisUtil.get("permission:apiList:" + requestPath + ":" + requestMethod);
            //确认是否是当前账户
            if (StpUtil.getLoginIdAsString().equals(userId)) {
                //检查是否有该权限编码
                return StpUtil.hasPermission(code);
            }
        }
        //TODO 服务降级
        return false;
    }
}
